A study examining relationships between micro patterns and security vulnerabilities.

Bibliographic Details
Title: A study examining relationships between micro patterns and security vulnerabilities.
Authors: Sultana, Kazi Zakia, Williams, Byron J., Bhowmik, Tanmay
Source: Software Quality Journal; Mar2019, Vol. 27 Issue 1, p5-41, 37p
Subject Terms: SOFTWARE measurement, COMPUTER software quality control, SOFTWARE reliability, WEB-based user interfaces
Abstract: Software security is an integral part of software quality and reliability. Software vulnerabilities make the software susceptible to attacks which violate software security. Metric-based software vulnerability prediction is one way to evaluate vulnerabilities beforehand so that developers can take preventative measures against attacks. In this study, we explore the correlation between software vulnerabilities and code-level constructs called micro patterns. These code patterns characterize class-level object-oriented program features. Existing research addressed micro pattern correlation with software defects. We analyzed the correlation between vulnerabilities and micro patterns from different viewpoints and explored whether they are related. We studied the distribution of micro patterns and their associations with vulnerable classes in 42 versions of the Apache Tomcat and three Java web applications. This study shows that certain micro patterns are frequently present in vulnerable classes. We also show that there is a high correlation between certain patterns that coexist in a vulnerable class. [ABSTRACT FROM AUTHOR]
Copyright of Software Quality Journal is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index